CRLF Injection Vulnerability in Cisco Headend System Release (Bug ID CSCur25580)

CRLF Injection Vulnerability in Cisco Headend System Release (Bug ID CSCur25580)

CVE-2015-0733 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

CRLF injection vulnerability in the HTTP Header Handler in Digital Broadband Delivery System in Cisco Headend System Release allows remote attackers to inject arbitrary HTTP headers, and conduct HTTP response splitting attacks or cross-site scripting (XSS) attacks, via a crafted request, aka Bug ID CSCur25580.

Learn more about our Cis Benchmark Audit For Cisco.